The specification and the reference implementation of Salt Channel - a simple, light-weight secure channel protocol based on TweetNaCl by Bernstein.
Switch branches/tags
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.


This repo contains the specification and the Java reference implementation of Salt Channel - a simple, light-weight secure channel protocol based on the TweetNaCl API / library by Bernstein et al. Salt Channel is "Powered by Curve25519".

Salt Channel is simpler than TLS and works well on small embedded processors. It has a lower handshake overhead. See this comparison. Salt Channel always uses mutual authentication and forward secrecy. The protocol supports secret client IDs. TLS does not currently do this, however, this property is included in the April 2017 TLS 1.3 draft.

The development of the code in this repository and the protocol itself has been financed by ASSA ABLOY AB -- the global leader in door opening solutions. Thank you for supporting this work. We also thank Daniel Bernstein for developing the underlying cryptographic algorithms. Our work is completely based on his work.

The protocol has been audited. This statement is a summary of the result of the latest security audit. It was performed by Assured AB, thank you!


Version v2 as defined in is the latest stable version of the protocol. New applications should use this version. We recommend that existing applications using v1 should eventually be migrated to v2. As of today (February 2018) we have found no immediate security concern with v1, so from a security point of view, there is no rush.


Java (this repo)

This repository contains the Java implementation of Salt Channel. It is the reference implementation of the protocol. It is open source and released under the MIT License.


See for the C implementation. It is suitable for both embedded devices and larger computers.


Available here:, JavaScript implementation, MIT license.


Available here:, Swift for iPhone and more, MIT license.


See, Python 3 implementation, MIT License.


Protocol authors:

  • Frans Lundberg, ASSA ABLOY AB, Stockholm, Sweden.
  • Simon Johansson, ASSA ABLOY AB, Stockholm, Sweden.

Feel free to contact us.

Optimized crypto

The library depends on the repo: Note that this dependency is copied into this repo.

The salt-aa repo allows seamless use of optimized binaries (Libsodium) when available. If no native implementation is available, a pure Java implementation ( is used. This is handled dynamically.

Build and develop

Type "ant" to build using the build.xml script.

IDE tips:

  • Add the src, src-in, src-test directories as source directories.

  • Set out/classes/ to the output for compiled class files.

  • Include the libraries in lib, lib-dev.

Should work fine with any IDE. We have worked with Eclipse, IntelliJ, simple text editors.

Code conventions

The old Sun code conventions ( are followed loosely together with the following rules (which take precedence):

  • Lines can be up to 100 characters long.
  • Use four spaces as indent.
  • Use '\n' for end-of-line.
  • Use UTF-8 encoding.


  • files/ -- Non code files, specifications, docs.

  • src/ -- Primary source code.

  • src-in/ -- Source code copied from elsewhere. Do not edit, copy from primary location instead.

  • src-test/ -- JUnit tests.

  • build.xml -- ANT build script. Just type "ant" for the default build.